Test VOMS-addMember - OK Test VOMS-assignRole - OK Test VOMS-crAttribute - OK Test VOMS-crGroup - OK Test VOMS-crRole - OK Test VOMS-crUser - OK Test VOMS-crUserNocert - OK Test VOMS-delAttribute - OK Test VOMS-delGroup - OK Test VOMS-delGroupAttribute - OK Test VOMS-delRole - OK Test VOMS-delRoleAttribute - OK Test VOMS-delUser - OK Test VOMS-delUserAttribute - OK Test VOMS-dismissRole - OK Test VOMS-listAttributes - OK Test VOMS-listGroupAttributes - OK Test VOMS-listGroups - OK Test VOMS-listMembers - OK Test VOMS-listRoleAttributes - OK Test VOMS-listRoles - OK Test VOMS-listSubGroups - OK Test VOMS-listUserAttributes - OK Test VOMS-listUserGroups - OK Test VOMS-listUserRoles - OK Test VOMS-listUsers - OK Test VOMS-listUsrWithRol - OK Test VOMS-removeMember - OK Test VOMS-setGroupAttribute - OK Test VOMS-setRoleAttribute - OKhere's the full result report
Test VOMS-pr-attr - OK Test VOMS-pr-bits - OK Test VOMS-pr-cert - OK Test VOMS-pr-conf - OK Test VOMS-pr-dbg - OK Test VOMS-pr-genattr - OK Test VOMS-pr-hlp - OK Test VOMS-pr-hours - OK Test VOMS-pr-ign - OK Test VOMS-pr-key - OK Test VOMS-pr-limit - OK Test VOMS-pr-list - OK Test VOMS-pr-noreg - OK Test VOMS-pr-order - OK Test VOMS-pr-out - OK Test VOMS-pr-pver - OK Test VOMS-pr-pwst - OK Test VOMS-pr-quiet - OK Test VOMS-pr-RoleOrder - OK Test VOMS-pr-usg - OK Test VOMS-pr-valid - OK Test VOMS-pr-verify - OK Test VOMS-pr-vers - OK Test VOMS-pr-vlf - OK Test VOMS-pr-vomses - OK Test VOMS-pr-warn - OKhere's the full result report
wget http://etics-repository.cern.ch:8080/repository/pm/volatile/repomd/id/fa01c264-37cc-4539-a3b3-da59486a13dd/sl5_x86_64_gcc412/etics-volatile-build-by-id.repo yum install glite-VOMS_mysql yum install lcg-CAhere's the yum install log
copy siteinfo.def and services/glite-voms_mysql from '/opt/glite/yaim/examples/siteinfo' into your favourite dir. Rename glite-voms_mysql as glite-voms Set yaim variables as specified here https://twiki.cern.ch/twiki/bin/view/LCG/Site-info_configuration_variables Launch '/opt/glite/yaim/bin/yaim -c -s site-info.def -n VOMS'
cat ~/siteinfo/site-info.def # Uncomment this variable if you are installing a mysql server # It is the MySQL admin password. MYSQL_PASSWORD="admin" # Human-readable name of your site SITE_NAME=voms-sa3-italia ############################## # VO configuration variables # ############################## # If you are configuring a DNS-like VO, please check # the following URL: https://twiki.cern.ch/twiki/bin/view/LCG/YaimGuide400#vo_d_directory # Space separated list of VOs supported by your site VOS="sa3test vomstest" ----------------------------------------------------------------- cat ~/siteinfo/services/glite-voms # VOMS server hostname VOMS_HOST=localhost # Hostname of the database server. Put 'localhost' # if you run the database on the same machine. # This parameter can be specified per VO in the following way: # VO_<vo_name>_VOMS_ADMIN_DB_HOST VOMS_ADMIN_DB_HOST='localhost' VO_SA3TEST_VOMS_DB_HOST="voms-rd02-21.cnaf.infn.it" VO_SA3TEST_VOMS_DB_TYPE="mysql" VO_SA3TEST_VOMS_DB_USER="sa3test_user" VO_SA3TEST_VOMS_DB_PASS="pwd" VO_SA3TEST_VOMS_DB_NAME="db_sa3test" VO_SA3TEST_VOMS_PORT="15001" VO_VOMSTEST_VOMS_DB_HOST="voms-rd02-21.cnaf.infn.it" VO_VOMSTEST_VOMS_DB_TYPE="mysql" VO_VOMSTEST_VOMS_DB_USER="vomstest_user" VO_VOMSTEST_VOMS_DB_PASS="pwd1" VO_VOMSTEST_VOMS_DB_NAME="db_vomstest" VO_VOMSTEST_VOMS_PORT="15002" VOMS_ADMIN_SMTP_HOST="localhost" VOMS_ADMIN_MAIL="elisabetta.molinari@mi.infn.it" VOMS_DB_DEPLOY="true" -----------------------------------------------
- dump the old database on the old VOMS server and transfer the file to the new node: mysqldump -h <OLD_HOSTNAME> -u <USER> -p --databases <DB_NAME> > <DUMP_FILE> - mysql -u root -p < dbsa3test; mysql -u root -p < dbvomstest; - grant all on *.* to 'root'@'voms-rd02-21.cnaf.infn.it' identified by 'admin'; - grant all on db_sa3test.* to 'sa3test_user'@'voms-rd02-21.cnaf.infn.it' identified by 'admin'; - grant all on db_sa3test.* to 'sa3test_user'@'localhost' identified by 'admin'; - grant all on db_vomstest.* to 'vomstest_user'@'voms-rd02-21.cnaf.infn.it' identified by 'admin'; - grant all on db_vomstest.* to 'vomstest_user'@'localhost' identified by 'admin'; - synchronize yaim conf files from the old machine with the new one, i.e. make sure username and password for the VO databases are the same - launch yaim configuration after setting yaim variable VOMS_DB_DEPLOY to 'false' in the siteinfo.def or the services/glite-voms file - re-start tomcat - launch upgrade VO, for each VO as in the following: /opt/glite/sbin/voms-admin-configure upgrade --vo=sa3test - re-start voms server and voms-admin - register the VOMS host identity as a default admin -->/opt/glite/sbin/voms-db-deploy.py add-admin --vo sa3test --cert /etc/grid-security/hostcert.pem
voms-admin --vo sa3test --nousercert remove-certificate '/C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Elisabet' '/C=IT/O=INFN/CN=INFN' org.glite.security.voms.admin.database.NoSuchCertificateException: No certificate found matching subject '/C=IT/O=INFN/OU=Personal Certificate/L=CNAF/CN=Elisabet, /C=IT/O=INFN/CN=INFN'.
voms-admin --vo sa3test suspend-certificate .globus/usercert.pem 'security incident'
voms-admin --vo sa3test restore-certificate .globus/usercert.pem
voms-admin --vo sa3test create-group testgroup
voms-admin --vo sa3test create-group testgroup/testsubgroup
openssl x509 -in cas/ca2/certs/08.pem -text -noout | more Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha1WithRSAEncryption Issuer: DC=CH, DC=CERN, OU=EMAILCA, CN=emailca.cern.ch/emailAddress=emailca@cern.ch Validity Not Before: Mar 8 20:32:58 2010 GMT Not After : Mar 8 20:32:58 2011 GMT Subject: DC=CH, DC=CERN, OU=EMAILCA, CN=Test user 3/emailAddress=test_user_3@emailca.cern.ch Subject Public Key Info: Public Key Algorithm: rsaEncryption
voms-admin --vo sa3test create-user cas/ca2/certs/08.pem voms-admin --vo sa3test list-users .......... /DC=CH/DC=CERN/OU=EMAILCA/CN=Test user 3/Email=test_user_3@emailca.cern.ch, /DC=CH/DC=CERN/OU=EMAILCA/CN=emailca.cern.ch/Email=emailca@cern.ch - test_user_3@emailca.cern.ch
voms-admin --vo sa3test delete-user cas/ca2/certs/08.pem org.glite.security.voms.admin.persistence.error.NoSuchUserException: User '/DC=CH/DC=CERN/OU=EMAILCA/CN=Test user 3/Email=test_user_3@emailca.cern.ch,/DC=CH/DC=CERN/OU=EMAILCA/CN=emailca.cern.ch/emailAddress=emailca@cern.ch' not found in org.glite.security.voms.admin.persistence.error! voms-rd02-21
voms-admin-configure install --vo adminDeploy --createdb --deploy-database --dbtype mysql --dbhost cert-10.cnaf.infn.it --port 15002 --dbusername 'admin_Deploy' --dbpassword 'pwd' --mail-from elisabetta.molinari@mi.infn.it --verbose --smtp-host smtp.cnaf.infn.it --dbapwd 'admin'
An administrator with the given subject already exists. Choose a different subject! Certificate subject:
Insufficient privileges to execute 'CreateGroupOperation'.
I | Attachment | Action | Size | Date | Who | Comment |
---|---|---|---|---|---|---|
![]() |
full_result.html.gz | manage | 2.2 K | 2010-03-18 - 08:36 | UnknownUser | full result voms admin report |
![]() |
full_result_vomscore.html.gz | manage | 3.9 K | 2010-03-18 - 08:39 | UnknownUser | full result voms core report |
![]() |
upgrade_log.gz | manage | 2.1 K | 2010-03-23 - 09:29 | UnknownUser | upgrade log |
![]() |
yaimlog | manage | 33.3 K | 2010-03-18 - 15:09 | UnknownUser | yaim configuration log |
![]() |
yum_install_3407 | manage | 16.5 K | 2010-04-13 - 07:28 | UnknownUser | yum install 3407 |
![]() |
yum_install_3407_1304 | manage | 7.6 K | 2010-04-20 - 09:52 | UnknownUser | |
![]() |
yum_install_log.gz | manage | 2.4 K | 2010-03-18 - 14:24 | UnknownUser | yum install log |
![]() |
![]() |
|
![]() |
![]() |